CVE-2026-42129: Grafana Loki Datasource Plugin Path Traversal Vulnerability
A path traversal vulnerability in the Grafana Loki datasource plugin allows an authenticated Viewer-role user to access administrative Loki endpoints and extract sensitive backend configuration and internal service information. This vulnerability has a CVSS score of 7.7 and is considered HIGH severity. Affected users should update Grafana OSS to a patched version.